Ransomware Activity

Tracking the groups and attacks from 2020 onward

Ryuk ransomware self-spreads to other Windows LAN devices per Bleeping Computer O2/26/21

This new variant has wormlike capabilities so it can spread to other devices on that local network using scheduled tasks. Saw a lot of abuse of scheduled tasks by ransomware in 2020.

Hotarus Group ransomware gang hacks Ecuador’s Ministry of Finance and largest bank per Bleeping Computer 02/26/21 The group used commodity ransomware, Ronggolawe, and stole data. They claim access by compromising third party code used for the bank’s web apps. Lots of third party code compromise across 2020.